I have a need to find all the nested groups in a particular group 1 layer down. The problem I have is the code below usually works, but for some groups it does not.
If I use Windows Explorer to search for a particular group (click on the Network icon, then click on 'Search Active Directory', I can see the members and nested groups within the parent group. But through code using System.DirectoryServices.AccountManagement on 3.5 Framework, var Groups = MyGroup.GetGroups(); can't see the nested groups of some groups. I thought it was a permissions thing, but if i can see inside the group from my own manual search mentioned above, then I assume the code running from the same account should be able to see the same thing too. Is there something different I should try?
For what its worth, I'm using a script task on top of Framework 3.5 inside of a SSIS package. Also in the same package, searching for groups from a user principle object instead of a group principle works fine.
And for clarity, when I run this code
PrincipalContext AD = new PrincipalContext(ContextType.Domain, "ctx", "mypath");
GroupPrincipal myGroup = GroupPrincipal.FindByIdentity(AD, "myparentgroup");
var nestedgroups = myGroup.GetGroups();
"Nestedgroups" is null when it should contain my nested groups.
The problem I had was I used var Groups = MyGroup.GetGroups(); when I should have used var Groups = MyGroup.GetMembers();. Putting that behind a link statement allowed me to get all the objects I was looking for because .GetMembers() includes users and groups. Hope that helps.